ACA trials spam buster

Pacific Internet customers will lead the fight against the growing threat of e-mail spam with new software being trialled by the Australian Communciations Authority (ACA).

The ACA has been trialling locally developed forensic spam reporting software from SpamMatters and will now offer it to Pacific Internet customers in an extended trial process.

Through the trial Pacific Internet customers will be able to directly report suspicious e-mails via the SpamMatters software. Once customers have downloaded the Microsoft Outlook plug-in or a Web form from the ACA's Web site, it will be a one-click process to send any suspicious e-mails direct and intact to the ACA.

The ACA's manager of anti-spam, Anthony Wing, said Pacific Internet -- with approximately 61,750 subscribers -- was an ideal size for this second part of the trial, to help iron out any bugs before the regulatory body makes the service available to the general public.

SpamMatters was founded by David Jones, who founded EmU Tech which was acquired by SurfControl in 2000. Jones left Surf Control in order to set up his own software development company and work towards spam prevention.

"Filtering is a growing business, but I noticed a convergence between spam and viruses and thought that Internet crime was going to become a bigger issue," he said.

"So I wanted to be involved in developing software that can be used in conjunction with regulatory and legal authorities to stop spam at its source."

The software is designed to maintain evidentiary value of suspicious e-mails that are reported through a one-click process via an Outlook plug in.

"Previous spam reporting methods have been cumbersome, and they would often not hold up as evidence in court because the whole e-mail was not intact," Jones said.

SpamMatters' collation and forensic extraction provides all the critical forensic data required for further investigation, and also detects instances where the spammer has used "zombies" to deliver the spam, according to Jones.

Jones said he was looking to partner with ISPs and government departments both here and abroad.

In the US, ISPs can take spammers directly to court, but in Australia the ACA is responsible for enforcing Australia's Spam Act which came into effect from April 10 this year.

Wing said the SpamMatters software would help the ACA present cases in court.

"This is also very exciting because it means the public, who have up until now been passive victims, can be actively involved in the process of stopping spam," he said.

When asked whether the SpamMatters software competed against the reporting service that Sophos offers the ACA, Wing said that they complement each other.

"This way we can go to the courts and say, this is the evidence we have from industry reports, and this is the direct evidence from victims," he said.

Managing director of Sophos, Rob Forsyth, agrees, saying the more people in the anti-spam market the better.

"We at Sophos applaud anybody making an entry into this market," he said.

There are several reports suggesting that spam has increased at least 30 per cent in volume in 2004. Gartner released a report estimating the cost of phishing exceeds $US1.2 billion. This week SurfControl released a statement saying that phishing attacks were up 1200 per cent since January.

Latest Videos

​Email fraud is nothing new, but online criminals have become ever more-effective at spoofing their identities to trick employees into sending them money. The Australian Centre for Cyber Security (ACSC) recorded losses of over $20M to business email compromise (BEC) attacks last year alone, up 230 percent over the previous year – and the full amount is certain to be much larger.​

No matter how robust your security, or how diligent your employees, network credentials are a free pass for cybercriminals. This is mostly because employees are relied upon for their own password management. And with more than 4.8 billion sets of stolen credentials said to be available online, odds are that at least a few of your employees’ user IDs and passwords are just waiting to be used by unscrupulous outsiders. Are you ready to stop them?

Cyber resilience will be particularly important as Australian organisations face increased pressure to quickly detect, respond to, and manage the repercussions of breaches in the wake of 2018’s Notifiable Data Breaches (NDB) scheme.

Copyright 2018 IDG Communications. ABN 14 001 592 650. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.